Re: [exim] Blocking a Class C

Góra strony
Delete this message
Reply to this message
Autor: The Doctor
Data:  
Dla: Odhiambo Washington
CC: Jeremy Harris, exim-users
Temat: Re: [exim] Blocking a Class C
On Thu, Dec 08, 2022 at 09:24:19PM +0300, Odhiambo Washington via Exim-users wrote:
> On Thu, Dec 8, 2022 at 8:47 PM The Doctor via Exim-users <
> exim-users@???> wrote:
>
> > On Thu, Dec 08, 2022 at 02:33:01PM +0000, Jeremy Harris via Exim-users
> > wrote:
> > > On 08/12/2022 13:26, The Doctor via Exim-users wrote:
> > > > tcp4       0      0 midwest.ab.ca.smtps    5.34.207.58.62078
> > SYN_RCVD
> > > > tcp4       0      0 204.209.81.122.smtps   5.34.207.77.62962
> > SYN_RCVD
> > > > tcp4       0      0 204.209.81.102.smtps   5.34.207.195.9246
> > ESTABLISHED
> > > > tcp4       0      0 stagehypnotistco.smtps 5.34.207.114.55268
> >  ESTABLISHED
> > > > tcp4       0      0 204.209.81.97.smtps    5.34.207.198.63598
> >  ESTABLISHED
> > > > tcp4       0   6153 204.209.81.174.smtps   5.34.207.114.4726
> > ESTABLISHED
> > > > tcp4       0   6153 dwellmodern.ca.smtps   5.34.207.190.48444
> >  ESTABLISHED
> > > > tcp4       0      0 204.209.81.110.smtps   5.34.207.198.63764
> >  ESTABLISHED
> > > > tcp4       0      0 204.209.81.51.smtps    5.34.207.198.38686
> >  ESTABLISHED
> > > > tcp4       0      0 204.209.81.87.smtps    5.34.207.77.43412
> > ESTABLISHED
> > > > tcp4       0      0 environmental-so.smtps 5.34.207.49.53302
> > ESTABLISHED
> > > > tcp4       0      0 204.209.81.51.smtps    5.34.207.153.61228
> >  ESTABLISHED
> > > > tcp4       0      0 lpeser.ca.smtps        5.34.207.198.43508
> >  ESTABLISHED
> > > > tcp4       0      0 204.209.81.142.smtps   5.34.207.198.4664
> > ESTABLISHED
> > > > tcp4       0      0 gibb.ab.ca.smtps       5.34.207.189.8904
> > ESTABLISHED
> > > > tcp4       0      0 robertsonsplumbi.smtps 5.34.207.189.1834
> > ESTABLISHED
> > > > tcp4       0    151 attilahypnotist..smtps 5.34.207.198.5432
> > ESTABLISHED
> > > > tcp4       0      0 techsupplies.ca.smtps  5.34.207.58.62492
> > ESTABLISHED
> > > > tcp4       0      0 proflamefireplac.smtps 5.34.207.198.56078
> >  ESTABLISHED
> > > > tcp4       0      0 204.209.81.97.smtps    5.34.207.191.21406
> >  ESTABLISHED
> > > > tcp4       0      0 204.209.81.151.smtps   5.34.207.95.43326
> > ESTABLISHED
> > > > tcp4       0      0 unityintegration.smtps 5.34.207.191.29918
> >  ESTABLISHED
> > > > tcp4       0     47 albertadogs.com.smtps  5.34.207.77.59246
> > ESTABLISHED
> > > > tcp4       0      0 lpeser.ca.smtps        5.34.207.153.16136
> >  ESTABLISHED
> > > > tcp4       0      0 valpy.com.smtps        5.34.207.153.7492
> > ESTABLISHED
> > > > tcp4       0      0 travelersfirstch.smtps 5.34.207.153.45748
> >  ESTABLISHED
> > > > tcp4       0     43 massageresultsco.smtps 5.34.207.185.20282
> >  ESTABLISHED
> > > > tcp4       0      0 204.209.81.102.smtps   5.34.207.186.47794
> >  ESTABLISHED
> > > > tcp4       0      0 204.209.81.110.smtps   5.34.207.193.51362
> >  ESTABLISHED
> > > > tcp4       0      0 valpy.com.smtps        5.34.207.198.50486
> >  ESTABLISHED
> > > > tcp4       0     64 204.209.81.167.smtps   5.34.207.198.34662
> >  ESTABLISHED
> > > > tcp4       0     64 stage-hypnosis-c.smtps 5.34.207.198.64002
> >  ESTABLISHED
> > > > tcp4       0     64 204.209.81.102.smtps   5.34.207.198.23784
> >  ESTABLISHED
> > > > tcp4       0     64 promoteyourbusin.smtps 5.34.207.198.51544
> >  ESTABLISHED
> > > > tcp4       0     64 fortchipewyanlod.smtps 5.34.207.198.21030
> >  ESTABLISHED

> > > >
> > > > I am using exim-4.95 from FreeBSD ports.
> > >
> > >
> > > Ah, those are all ".smtps" - I suspect netstat on FreeBSD means "port
> > 465" there.
> > > If those are hung waiting to complete TLS negotiation, you'd see that.
> > >
> > > For those, use the main-config option "host_reject_connection" rather
> > than the
> > > connect ACL - it operates before the TLS startup for TLS-on-connect
> > ports,
> > > while the ACL is run after.
> > >
> > >
> > > I'm considering changing that, even though it's an incompatible change.
> > > Having the ACL operate before TLS startup (for TLS-on-connect) would
> > align
> > > with the operation for STARTTLS, and possibly cause less surprise.
> > > Anybody want to comment?
> >
> > Just reading this.
> >
> > Tried
> >
> > host_reject_connection = 5.34.207.*
> >
> > Still not doing the rejection job.
> >
>
> hostlist host_rejects = 5.34.207.0/24
> host_reject_connection = +host_rejects
>
> host_reject_connection = +host_reject
>
> root@gw:/usr/home/wash # exim -bh 5.34.207.3
>
> **** SMTP testing session as if from host 5.34.207.3
> **** but without any ident (RFC 1413) callback.
> **** This is not for real!
>
> >>> host in hosts_connection_nolog? no (option unset)
> LOG: SMTP connection from [5.34.207.3]
> >>> host in host_lookup? yes (matched "*")
> >>> looking up host name for 5.34.207.3
> >>> IP address lookup using gethostbyaddr()
> >>> IP address lookup failed: h_errno=1
> >>> host in "5.34.207.0/24"? yes (matched "5.34.207.0/24")
> >>> host in host_reject_connection? yes (matched "+host_rejects")
> LOG: refused connection from [5.34.207.3] (host_reject_connection)
> 554 SMTP service not available
> root@gw:/usr/home/wash #
>
>
>


Still seeing

netstat -a | egrep smtp
tcp4       0      0 exploreedmonton..smtps 5.34.207.189.26526     SYN_RCVD   
tcp4       0      0 comparealbertapo.smtps 5.34.207.190.30872     FIN_WAIT_2 
tcp4       0      0 204.209.81.148.smtps   5.34.207.114.57546     FIN_WAIT_2 





Member - Liberal International This is doctor@??? Ici doctor@???
Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising!
Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b
Happy Christmas 2022 and Merry New Year 2023 Beware https://mindspring.com